What is an Adaptive Security Appliance (ASA)?
The Cisco ASA provides advanced stateful firewall and VPN concentrator
functionality in one device as well as integrated services with
add-on modules. The ASA includes many advanced features, such as
multiple security contexts (similar to virtualized firewalls),
clustering (combining multiple firewalls into a single firewall),
transparent (Layer 2) firewall or routed (Layer 3) firewall
operation, advanced inspection engines, IPsec VPN, SSL VPN, and
clientless SSL VPN support, and many more features. ASAs can be
installed on virtual machines or supported hardware.
What is an ASA Model?
An ASA model is a copy of the running configuration file of an ASA device that you have onboarded to Security Cloud
Control. You can use an ASA model to analyze the configuration of an ASA device without onboarding the device itself.
When is a device Synced?
When the configuration on Security Cloud
Control and the configuration stored locally on the device are the same.
When is a device Not Synced?
When the configuration stored in Security Cloud
Control was changed and it is now different that the configuration stored locally on the device.
When is a device in a Conflict Detected state?
When the configuration on the device was changed outside of Security Cloud
Control (out-of-band), and is now different than the configuration stored on Security Cloud
Control.
What is an out-of-band change?
When a change is made to the device outside of Security Cloud
Control. The change is made directly on the device using CLI command or by using the on-device manager such as ASDM or FDM. An out-of-band
change causes Security Cloud
Control to report a "Conflict Detected" state for the device.
What does it mean to deploy a change to a device?
After you onboard a device to Security Cloud
Control, Security Cloud
Control maintains a copy of its configuration. When you make a change on Security Cloud
Control, Security Cloud
Control makes a change to its copy of the device's configuration. When you "deploy" that change back to a device, Security Cloud
Control copies the changes you made to the device's copy of its configuration. See these topics:
What ASA commands are currently supported?
All commands. Click the Command Line Interface
link under Device Actions to use the ASA CLI.
Are there any scale limitations for device management?
Security Cloud
Control's cloud architecture allows it to scale to thousands of devices.
Does Security Cloud
Control manage Cisco Integrated Services Routers and Aggregation Services Routers?
Security Cloud
Control allows you to create a model device for ISRs and ASRs and import its configuration. You can then create templates based on
the imported configurations and export the configuration as a standardized configuration that can be deployed to new or existing
ISR and ASR devices for consistent security.
Can Security Cloud
Control manage SMA?
No, Security Cloud
Control does not currently manage SMA.